[ Previous |
Next |
Contents |
Glossary |
Home |
Search ]
AIX Version 4.3 Base Operating System and Extensions Technical Reference, Volume 1
ckuseracct Subroutine
Purpose
Checks the validity of a user account.
Library
Security Library (libc.a)
Syntax
#include <login.h>
int ckuseracct (Name, Mode, TTY)
char *Name;
int Mode;
char *TTY;
Description
Note: This subroutine is obsolete and is provided only for backwards compatibility. Use the loginrestrictions subroutine, which performs a superset of the functions of the ckuseracct subroutine, instead.
The ckuseracct subroutine checks the validity of the user account specified by the Name parameter. The Mode parameter gives the mode of the account usage, and the TTY parameter defines the terminal being used for the access. The ckuseracct subroutine checks for the following conditions:
- Account existence
- Account expiration
The Mode parameter specifies other mode-specific checks.
Parameters
| Name |
Specifies the login name of the user whose account is to be validated. |
| Mode |
Specifies the manner of usage. Valid values as defined in the login.h file are listed below. The Mode parameter must be one of these or 0:
- S_LOGIN
- Verifies that local logins are permitted for this account.
- S_SU
- Verifies that the su command is permitted and that the current process has a group ID that can invoke the su command to switch to the account.
- S_DAEMON
- Verifies the account can be used to invoke daemon or batch programs using the src or cron subsystems.
- S_RLOGIN
- Verifies the account can be used for remote logins using the rlogind or telnetd programs.
|
| TTY |
Specifies the terminal of the originating activity. If this parameter is a null pointer or a null string, no TTY origin checking is done. |
Security
| Mode |
File |
|---|
| r |
/etc/passwd |
| r |
/etc/security/user |
Return Values
If the account is valid for the specified usage, the ckuseracct subroutine returns a value of 0. Otherwise, a value of -1 is returned and the errno global variable is set to the appropriate error code.
Error Codes
The ckuseracct subroutine fails if one or more of the following are true:
| ENOENT |
The user specified in the Name parameter does not have an account. |
| ESTALE |
The user's account is expired. |
| EACCES |
The specified terminal does not have access to the specified account. |
| EACCES |
The Mode parameter is S_SU, and the current process is not permitted to use the su command to access the specified user. |
| EACCES |
Access to the account is not permitted in the specified Mode. |
| EINVAL |
The Mode parameter is not one of S_LOGIN, S_SU, S_DAEMON, S_RLOGIN. |
Implementation Specifics
This subroutine is part of Base Operating System (BOS) Runtime.
Related Information
The ckuserID subroutine, getpcred subroutine, getpenv subroutine, setpcred subroutine, setpenv subroutine.
The login command, rlogin command, su command, telnet command.
The cron daemon.
List of Security and Auditing Subroutines and Subroutines Overview in AIX Version 4.3 General Programming Concepts: Writing and Debugging Programs.
[ Previous |
Next |
Contents |
Glossary |
Home |
Search ]